Ecessa Edge EV150 10.7.4 CSRF Add Superuser Exploit
Title: Ecessa Edge EV150 10.7.4 CSRF Add Superuser Exploit
Advisory ID: ZSL-2018-5474
Type: Local/Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 24.06.2018
10.6.9
10.7.4
10.6.5.2
10.5.4
10.2.24
9.2.24
[21.05.2018] Contact with the vendor.
[23.06.2018] No response from the vendor.
[24.06.2018] Public security advisory released.
[2] https://packetstormsecurity.com/files/148302
[3] https://cxsecurity.com/issue/WLB-2018060285
[4] https://exchange.xforce.ibmcloud.com/vulnerabilities/145436
[11.07.2018] - Added reference [1], [2], [3] and [4]
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2018-5474
Type: Local/Remote
Impact: Cross-Site Scripting
Risk: (3/5)
Release Date: 24.06.2018
Summary
Internet Failover and Load Balancing for Small Businesses, Stores and Branch Offices.Description
The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.Vendor
Ecessa Corporation - https://www.ecessa.comAffected Version
10.7.410.6.9
10.7.4
10.6.5.2
10.5.4
10.2.24
9.2.24
Tested On
lighttpd/1.4.35Vendor Status
[21.05.2018] Vulnerability discovered.[21.05.2018] Contact with the vendor.
[23.06.2018] No response from the vendor.
[24.06.2018] Public security advisory released.
PoC
ecessa_edge_csrf.htmlCredits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] https://www.exploit-db.com/exploits/44932/[2] https://packetstormsecurity.com/files/148302
[3] https://cxsecurity.com/issue/WLB-2018060285
[4] https://exchange.xforce.ibmcloud.com/vulnerabilities/145436
Changelog
[24.06.2018] - Initial release[11.07.2018] - Added reference [1], [2], [3] and [4]
Contact
Zero Science LabWeb: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
